Skip to main content

Comply and Conquer - SSDF Attestation Form and Repo Released!

CISA has released the SSDF Attestation Form on March 11 and Publishes the Repository for Software Attestation and Artifacts on March 18.

In Effort to Bolster Government Cybersecurity, Biden Administration Takes Step to Ensure Secure Development Practices - 


CISA Publishes Repository for Software Attestation and Artifacts - 


Supply Chain Attacks in the news:

Solarwinds - 

Kaseya - 


Executive Order 14028 on Improving the Nation's Cybersecurity - 


"The Guidance"

Software Supply Chain security guidance under EO 14028 section 4e - 

Secure Software Development Framework (SSDF) Version 1.1 NIST SP 800-218: Recommendations for Mitigating the Risk of Software Vulnerabilities - 

OMB Memorandum M-22-18 Enhancing the Security of the Software Supply Chain through Secure Software Development Practices - 


InfusionPoints SSDF Blogs:

SSDF And How It Impacts Your CSO-KAS - 

Automatically Generating SBOMs For Customers - 

Generating And Safeguarding Artifacts For SSDF Attestation - 


Karen Scarfone
Mike Strohecker
Jason Shropshire